Compromised Card Feedback


I received a customer service message yesterday to notify me that Mastercard had alerted Starling to the fact that my card details may have been compromised.

I was advised that if I kept the card it may impact my liability in the event of further potential loss, in line with Starling’s T&C’s.

I was asked to get in touch if I have any further questions, which I did right away.

I am yet to receive any response and to be honest the in app message looked and sounded fairly rushed and unprofessional. I say this as the message was labelled “Card Dispute” when it’s a possibly compromised card; the fact that the line “your details may have been compromised, following spend at a retailer.” which is not proper English and also the use of forum emoji code such as :point right: was used which doesn’t work via chat.

Secondly what if Starling was my main bank account!? I now have to wait until the 19th for new card to be sent out and would have no access to purchasing online or transactions over £30.

Starling being touted as a travel card must be a joke surely!? What if I was abroad with no way to get a replacement card sent to me? (Not all countries have widespread adoption of Apple / Google Pay!) Would I have to carry on with my potentially compromised card worrying that with any fraud that happens I will now most likely be liable for it? I find this totally unacceptable.

I think Starling has totally dropped the ball here; I know that it’s a serious matter but such a stern response essentially saying cancel my card and if I don’t the liability shifts to you not us does not seem to be from a bank that has customers experience and interests as key.

Also the message doesn’t even mention how to cancel a card in app or the fact that you can use Apple or Google Pay before the new card arrives. I’m guessing you assume that a customer would know that!?


Doesn’t sound like the best way to deal with it. Most banks will block your card if they think its been compromised, not ask you to block it yourself.

I’ve had that in the past with high street banks, blocking it because they feel there is a threat, not asking me to do it myself. Sort of a backwards way, what if you are asleep and it takes you hours to reply.


Exactly the same experience for me yesterday @thom_horne


I’d expect starling to temporarily block it in app followed by a push notification and message fully explaining what’s happened and what your options are. Sounds like a very poor experience.

The content and tone of communications ranges from excellent (most of the time) to very poor bordering on rude or they just don’t have a clue (sometimes). There’s a lack of consistency.


I’m seriously considering closing my account; I find this so unproffesional.

At what point would I have been liable!? After the message was sent by Starling, which could have taken me a few hours or more to read or after I read the message?

Would Starling even be able to tell if I read the message and if so at what time?


Hey @thom_horne

Thank you for raising this.

To give you a bit more context about this, this message is as a result of the data breach with Dixons Carphone Warehouse. You’ll no doubt be aware of this, as it’s been in the headlines recently.

Mastercard contacted us to advise us that some of our customers were affected by this, and our priority was to make customers aware of this. With that in mind, we can only apologise if the communication appeared disjointed or rushed.

Due to the data breach, we’ve informed customers the best way forward is to cancel your card.

Again, we’d like to emphasise that this is a precaution, we do have systems in place to help us with monitoring unauthorised card use.


The details behind the breach are not mentioned in the message - I wouldn’t expect them to be.

The nature and content of the message needn’t be rushed. It should be a standard message with instructions on how to proceed. I want support at that point, not implied threats about late response.

I’m frankly disappointed.


Surely you have Comms in place to deal with scenarios like this that are written in a clear and informative way so you don’t have to rush things and cause confusion resulting in unhappy customers. Cards get compromised all the time, I would expect you to have processes and Comms in place already and not be reacting as they happen.


I absolutely agree it would have been helpful to provide a bit more context. Definitely take your point there.


So that’s it!? No apology for not having a bank card for days or the lack of ANY reply from CS, before airing in public.

None of my points from my original post have been properly raised and no response to at what point Starling would hold me responsible for any liability!?

I’m actually shocked!


This is how Barclay’s dealt with the data breach.

A simple and efficient way, they are only contacting customers if they feel there is a need to, not everyone that might have been affected.

They clearly state the reason, not just an in app message that doesn’t explain. It’s something Starling needs to learn from, wording and how they act is important.

There is no evidence that any fraud has been committed, they just notified the Data Commissioner as they are required to by law and the card companies. So advising to cancel cards isn’t really an ideal solution. Imagine when you have millions of customers.


Starling customer service strikes again! Really abysmal at times.


As we speak, we’re in the process of looking into your message Thom we’ll be able to respond to you as soon as we’ve looked into this.

I apologise again that our communication on this wasn’t as expected.


@alexandra Considering that I have posted this on here, I think it would be more appropriate to post the reply to the forum too.

I am now strongly considering whether I feel I can put my trust into Starling; without knowing at what point would I have been liable in this or a similar situation; I cannot do this.

My confidence is currently well and truly shook. :frowning:


I don’t think the bank should be transferring responsibility to the customer when it comes to card security. If there is a genuine risk that a card has been compromised then it should be locked/cancelled immediately by the bank.


It sounds frankly like a fuck up we’ve come to love from Starling customer service. Just always a bit… amateurish?

With regards to the point you made about possibly being abroad, apart from the instant Apple Pay/Google Pay replacement, I guess you could always keep your old card locked in-app and just unlock to use, before locking again? Chances of someone fraudulently using your card number at exactly the same time are minuscule, surely?


I can confirm in the event of any unauthorised card use, Starling will always take responsibility for this and will investigate accordingly to make sure that you’re protected.

We’re sorry; our communication could have made this clearer.

Our customers are hugely important to us, as is your account security. We’ll always do everything we can to protect that.


@alexandra Could starling not lock the card in-app or turn on the location toggle as a minimum until it has been discussed with the customer? If you believe a card has been compromised why leave it to the customer who may not be near a phone to block themselves.


We have the ability to lock the card/ cancel cards, though there’s always the issue of making sure people have access to their accounts. We therefore only do it when absolutely necessary.

We normally ask customers to cancel cards themselves or use the lock feature; it gives customers more control and means we don’t inadvertently place customers in a difficult position.


I really don’t see the logic in asking a customer to lock a compromised bank card. In theory a person could also have that persons phone, and ignore the message.